CloudFlare Flexible SSL - Version 1.3.0

Version Description

UPDATED: Update supported WordPress version to 5.1. CHANGED: Code adjustments to only process Flexible SSL in the case where it's not already SSL.

Download this release

Release Info

Developer paultgoodchild
Plugin Icon 128x128 CloudFlare Flexible SSL
Version 1.3.0
Comparing to
See all releases

Code changes from version 1.2.2 to 1.3.0

Files changed (3) hide show
  1. plugin.php +38 -21
  2. readme.txt +87 -75
  3. shieldprom.php +53 -0
plugin.php CHANGED
@@ -1,22 +1,20 @@
1
  <?php
2
  /*
3
- * Plugin Name: CloudFlare Flexible SSL
4
- * Plugin URI: http://icwp.io/2f
5
  * Description: Fix For CloudFlare Flexible SSL Redirect Loop For WordPress
6
- * Version: 1.2.2
7
  * Text Domain: cloudflare-flexible-ssl
8
- * Author: iControlWP
9
- * Author URI: http://icwp.io/2e
10
  */
11
 
12
  /**
13
- * Copyright (c) 2016 iControlWP <support@icontrolwp.com>
14
  * All rights reserved.
15
- *
16
  * "CloudFlare Flexible SSL" plugin is distributed under the GNU General Public License, Version 2,
17
  * June 1991. Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin
18
  * St, Fifth Floor, Boston, MA 02110, USA
19
- *
20
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
21
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
22
  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -30,22 +28,41 @@
30
  */
31
  class ICWP_Cloudflare_Flexible_SSL {
32
 
33
- public function __construct() {}
 
34
 
35
  public function run() {
 
 
 
 
 
 
 
 
36
 
37
- $aIcwpHttpsServerOpts = array( 'HTTP_CF_VISITOR', 'HTTP_X_FORWARDED_PROTO' );
38
- foreach( $aIcwpHttpsServerOpts as $sOption ) {
 
 
 
 
39
 
40
- if ( isset( $_SERVER[ $sOption ] ) && ( strpos( $_SERVER[ $sOption ], 'https' ) !== false ) ) {
41
- $_SERVER[ 'HTTPS' ] = 'on';
 
 
 
 
 
 
 
 
42
  break;
43
  }
44
  }
45
 
46
- if ( is_admin() ) {
47
- add_action( 'admin_init', array( $this, 'maintainPluginLoadPosition') );
48
- }
49
  }
50
 
51
  /**
@@ -63,7 +80,7 @@ class ICWP_Cloudflare_Flexible_SSL {
63
  * @param string $sPluginFile
64
  * @return int
65
  */
66
- public function getActivePluginLoadPosition( $sPluginFile ) {
67
  $sOptionKey = is_multisite() ? 'active_sitewide_plugins' : 'active_plugins';
68
  $aActive = get_option( $sOptionKey );
69
  $nPosition = -1;
@@ -78,9 +95,9 @@ class ICWP_Cloudflare_Flexible_SSL {
78
 
79
  /**
80
  * @param string $sPluginFile
81
- * @param int $nDesiredPosition
82
  */
83
- public function setActivePluginLoadPosition( $sPluginFile, $nDesiredPosition = 0 ) {
84
 
85
  $aActive = $this->setArrayValueToPosition( get_option( 'active_plugins' ), $sPluginFile, $nDesiredPosition );
86
  update_option( 'active_plugins', $aActive );
@@ -94,10 +111,10 @@ class ICWP_Cloudflare_Flexible_SSL {
94
  /**
95
  * @param array $aSubjectArray
96
  * @param mixed $mValue
97
- * @param int $nDesiredPosition
98
  * @return array
99
  */
100
- public function setArrayValueToPosition( $aSubjectArray, $mValue, $nDesiredPosition ) {
101
 
102
  if ( $nDesiredPosition < 0 || !is_array( $aSubjectArray ) ) {
103
  return $aSubjectArray;
1
  <?php
2
  /*
3
+ * Plugin Name: Cloudflare Flexible SSL
4
+ * Plugin URI: https://icwp.io/cloudflaresslpluginauthor
5
  * Description: Fix For CloudFlare Flexible SSL Redirect Loop For WordPress
6
+ * Version: 1.3.0
7
  * Text Domain: cloudflare-flexible-ssl
8
+ * Author: One Dollar Plugin
9
+ * Author URI: https://icwp.io/cloudflaresslpluginauthor
10
  */
11
 
12
  /**
13
+ * Copyright (c) 2019 One Dollar Plugin <emails@onedollarplugin.com>
14
  * All rights reserved.
 
15
  * "CloudFlare Flexible SSL" plugin is distributed under the GNU General Public License, Version 2,
16
  * June 1991. Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin
17
  * St, Fifth Floor, Boston, MA 02110, USA
 
18
  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
19
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20
  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
28
  */
29
  class ICWP_Cloudflare_Flexible_SSL {
30
 
31
+ public function __construct() {
32
+ }
33
 
34
  public function run() {
35
+ if ( !$this->isSsl() && $this->isSslToNonSslProxy() ) {
36
+ $_SERVER[ 'HTTPS' ] = 'on';
37
+ add_action( 'shutdown', array( $this, 'maintainPluginLoadPosition' ) );
38
+ }
39
+ if ( version_compare( PHP_VERSION, '5.4.0', '>=' ) ) {
40
+ include_once( dirname( __FILE__ ).'/shieldprom.php' );
41
+ }
42
+ }
43
 
44
+ /**
45
+ * @return bool
46
+ */
47
+ private function isSsl() {
48
+ return function_exists( 'is_ssl' ) && is_ssl();
49
+ }
50
 
51
+ /**
52
+ * @return bool
53
+ */
54
+ private function isSslToNonSslProxy() {
55
+ $bIsProxy = false;
56
+
57
+ $aServerKeys = array( 'HTTP_CF_VISITOR', 'HTTP_X_FORWARDED_PROTO' );
58
+ foreach ( $aServerKeys as $sKey ) {
59
+ if ( isset( $_SERVER[ $sKey ] ) && ( strpos( $_SERVER[ $sKey ], 'https' ) !== false ) ) {
60
+ $bIsProxy = true;
61
  break;
62
  }
63
  }
64
 
65
+ return $bIsProxy;
 
 
66
  }
67
 
68
  /**
80
  * @param string $sPluginFile
81
  * @return int
82
  */
83
+ private function getActivePluginLoadPosition( $sPluginFile ) {
84
  $sOptionKey = is_multisite() ? 'active_sitewide_plugins' : 'active_plugins';
85
  $aActive = get_option( $sOptionKey );
86
  $nPosition = -1;
95
 
96
  /**
97
  * @param string $sPluginFile
98
+ * @param int $nDesiredPosition
99
  */
100
+ private function setActivePluginLoadPosition( $sPluginFile, $nDesiredPosition = 0 ) {
101
 
102
  $aActive = $this->setArrayValueToPosition( get_option( 'active_plugins' ), $sPluginFile, $nDesiredPosition );
103
  update_option( 'active_plugins', $aActive );
111
  /**
112
  * @param array $aSubjectArray
113
  * @param mixed $mValue
114
+ * @param int $nDesiredPosition
115
  * @return array
116
  */
117
+ private function setArrayValueToPosition( $aSubjectArray, $mValue, $nDesiredPosition ) {
118
 
119
  if ( $nDesiredPosition < 0 || !is_array( $aSubjectArray ) ) {
120
  return $aSubjectArray;
readme.txt CHANGED
@@ -1,75 +1,87 @@
1
- === Plugin Name ===
2
- Contributors: paultgoodchild
3
- Donate link: http://icwp.io/q
4
- License: GPLv3
5
- License URI: http://www.gnu.org/licenses/gpl.html
6
- Tags: CloudFlare, SSL, Flexible SSL, Universal SSL, redirect loop, HTTPS, HTTP_X_FORWARDED_PROTO
7
- Requires at least: 3.2.0
8
- Tested up to: 4.8
9
- Stable tag: 1.2.2
10
-
11
- Fix For CloudFlare Flexible SSL Redirect Loop For WordPress.
12
-
13
- == Description ==
14
-
15
- [Click For Full Implementation Guide](http://icwp.io/6z).
16
-
17
- Using CloudFlare's Flexible SSL on WordPress isn't as simple as just turning it on.
18
-
19
- This plugin forms an **integral part** to enabling Flexible SSL on WordPress and prevents infinite redirect loops when loading WordPress sites under CloudFlare's Flexible SSL system.
20
-
21
- == Frequently Asked Questions ==
22
-
23
- = Does this plugin affect non-SSL traffic? =
24
-
25
- No. It only comes into play when CloudFlare is serving HTTPS traffic from your site.
26
-
27
- = Should I change my WordPress Site URL to HTTPS? =
28
-
29
- No - there is no need. Use CloudFlare's pages rules to redirect your visitors. You can then safely turn off SSL whenever you want from within CloudFlare and your WordPress site will still load on HTTP.
30
-
31
- = What happens if I disable this plugin AFTER enabling Flexible SSL on CloudFlare? =
32
-
33
- Your WordPress site will not load on HTTPS/SSL. You will create an infinite loop loading problem and the only way to solve this is to turn off SSL redirects within CloudFlare.
34
-
35
- = Does I need this plugin if I use CloudFlare FULL or Strict SSL? =
36
-
37
- No. It is designed only to assist with Flexible SSL.
38
-
39
- == Screenshots ==
40
-
41
- n/a
42
-
43
- == Installation ==
44
-
45
- For full installation instructions, please review the following article: [Installation Instructions](http://www.icontrolwp.com/2014/10/enabling-cloudflares-universal-flexible-ssl-wordpress-without-infinite-redirect-loops/).
46
-
47
- == Changelog ==
48
-
49
- = 1.2.2 =
50
-
51
- UPDATED: Supported WordPress Version to v4.5
52
-
53
- = 1.2.1 =
54
-
55
- FIXED: Checking to ensure certain data types
56
-
57
- = 1.2.0 =
58
-
59
- ADDED: The plugin will try to set itself to load first, before all other plugins.
60
-
61
- = 1.1.0 =
62
-
63
- UPDATED: Supported WordPress Version
64
- UPDATED: Also works for any standard SSL Proxy scenario that uses HTTP_X_FORWARDED_PROTO - it doesn't have to CloudFlare
65
-
66
- = 1.0.0 =
67
-
68
- First Release
69
-
70
- == Upgrade Notice ==
71
-
72
- = 1.0.0 =
73
-
74
- First Release
75
-
 
 
 
 
 
 
 
 
 
 
 
 
1
+ === Plugin Name ===
2
+ Contributors: onedollarplugin, paultgoodchild
3
+ Donate link: https://icwp.io/cloudflaresslpluginauthor
4
+ License: GPLv3
5
+ License URI: http://www.gnu.org/licenses/gpl.html
6
+ Tags: CloudFlare, SSL, Flexible SSL, Universal SSL, redirect loop, HTTPS, HTTP_X_FORWARDED_PROTO
7
+ Requires at least: 3.2.0
8
+ Requires PHP: 5.2
9
+ Recommended PHP: 7.0
10
+ Tested up to: 5.1
11
+ Stable tag: 1.3.0
12
+
13
+ Fix For CloudFlare Flexible SSL Redirect Loop For WordPress.
14
+
15
+ == Description ==
16
+
17
+ [Click For Full Implementation Guide](https://icwp.io/6z).
18
+
19
+ Using CloudFlare® Flexible SSL on WordPress isn't as simple as just turning it on.
20
+
21
+ This plugin forms an **integral part** to enabling Flexible SSL on WordPress and prevents infinite redirect loops when loading WordPress sites under Cloudflare's Flexible SSL system.
22
+
23
+ *Cloudflare is a registered trademark of Cloudflare, Inc.*
24
+
25
+ One Dollar Plugin is not affiliated in any way with Cloudflare, Inc. This plugin provided separately and completely independently.
26
+
27
+ Remember: This plugin is just part of the installation process for Flexible SSL. [Please follow the full guide](https://icwp.io/6z)
28
+
29
+ == Frequently Asked Questions ==
30
+
31
+ = Does this plugin affect non-SSL traffic? =
32
+
33
+ No. It only comes into play when Cloudflare is serving HTTPS traffic from your site.
34
+
35
+ = Should I change my WordPress Site URL to HTTPS? =
36
+
37
+ No - there is no need. Use Cloudflare's pages rules to redirect your visitors. You can then safely turn off SSL whenever you want from within Cloudflare and your WordPress site will still load on HTTP.
38
+
39
+ = What happens if I disable this plugin AFTER enabling Flexible SSL on Cloudflare? =
40
+
41
+ Your WordPress site will not load on HTTPS/SSL. You will create an infinite loop loading problem and the only way to solve this is to turn off SSL redirects within Cloudflare.
42
+
43
+ = Does I need this plugin if I use Cloudflare FULL or Strict SSL? =
44
+
45
+ No. It is designed only to assist with Flexible SSL.
46
+
47
+ == Screenshots ==
48
+
49
+ n/a
50
+
51
+ == Installation ==
52
+
53
+ For full installation instructions, please review the following article: [Installation Instructions](https://icwp.io/6z).
54
+
55
+ = 1.3.0 =
56
+
57
+ UPDATED: Update supported WordPress version to 5.1.
58
+ CHANGED: Code adjustments to only process Flexible SSL in the case where it's not already SSL.
59
+
60
+ = 1.2.2 =
61
+
62
+ UPDATED: Supported WordPress Version to v4.5
63
+ == Changelog ==
64
+
65
+ = 1.2.1 =
66
+
67
+ FIXED: Checking to ensure certain data types
68
+
69
+ = 1.2.0 =
70
+
71
+ ADDED: The plugin will try to set itself to load first, before all other plugins.
72
+
73
+ = 1.1.0 =
74
+
75
+ UPDATED: Supported WordPress Version
76
+ UPDATED: Also works for any standard SSL Proxy scenario that uses HTTP_X_FORWARDED_PROTO - it doesn't have to Cloudflare
77
+
78
+ = 1.0.0 =
79
+
80
+ First Release
81
+
82
+ == Upgrade Notice ==
83
+
84
+ = 1.0.0 =
85
+
86
+ First Release
87
+
shieldprom.php ADDED
@@ -0,0 +1,53 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ add_action( 'init', function () {
4
+
5
+ if ( !class_exists( 'ICWP_WPSF_Shield_Security' ) && current_user_can( 'manage_options' ) ) {
6
+ $nCurrentId = wp_get_current_user()->ID;
7
+
8
+ $sMetaKey = 'odp_cfs_shield_notice';
9
+
10
+ $nCurrentTime = get_user_meta( $nCurrentId, $sMetaKey, true );
11
+ if ( empty( $nCurrentTime ) ) {
12
+ update_user_meta( $nCurrentId, $sMetaKey, 'Y' );
13
+ }
14
+ else if ( isset( $_GET[ 'flag' ] ) && $_GET[ 'flag' ] == $sMetaKey ) {
15
+ // set flag that the dialogue has been acknowledged closed
16
+ update_user_meta( $nCurrentId, $sMetaKey, time() );
17
+ }
18
+ else if ( $nCurrentTime === 'Y' ) { // we can successfully set meta but haven't closed dialogue
19
+ add_action( 'admin_notices', 'odp_shield_promo_notice' );
20
+ add_action( 'network_admin_notices', 'odp_shield_promo_notice' );
21
+ }
22
+ }
23
+ } );
24
+
25
+ function odp_shield_promo_notice() {
26
+ $aText = array(
27
+ "Take a quick moment to checkout Shield Security - downloaded over 5Million times with a avg 5* satisfied rating.",
28
+ 'Built by the <span style="text-decoration: underline">same people you trusted</span> to help you easily setup CloudFlare Flexible SSL.'
29
+ );
30
+
31
+ global $pagenow;
32
+
33
+ echo sprintf(
34
+ '<div class="updated"><h4>%s</h4><p>%s</p>'.
35
+ '<p><a href="%s" target="_blank" style="font-weight: bolder">%s</a>'.
36
+ ' / <a href="%s">%s</a></p></div>',
37
+
38
+ ucwords( 'Looking for a fresh, powerful security plugin for WordPress?' ),
39
+ implode( '<br/>', $aText ),
40
+ add_query_arg(
41
+ array(
42
+ 's' => 'Shield+Security+for+WordPress+by+One+Dollar+Plugin',
43
+ 'tab' => 'search',
44
+ 'type' => 'term',
45
+ 'flag' => 'odp_cfs_shield_notice'
46
+ ),
47
+ network_admin_url( 'plugin-install.php' )
48
+ ),
49
+ ' &rarr; Click here to discover Shield Security for WordPress',
50
+ add_query_arg( array( 'flag' => 'odp_cfs_shield_notice' ), $pagenow ),
51
+ 'Close This Notice'
52
+ );
53
+ }